package cn.org.donald.framework.authentication.config;
import cn.org.donald.framework.authentication.filter.JwtFilter;
import cn.org.donald.framework.authentication.realm.JwtRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @author ： Donald
 * @date ： 2020/10/16 22:12
 * @description： shiro配置类
 */
@Configuration
public class ShiroConfig  {

    //1.shiroFilter 负责拦截所有请求
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager){

        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();

        //给filter设置安全管理器
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);


        LinkedHashMap<String, Filter> filters = new LinkedHashMap<>();
        filters.put("jwtFilter", new JwtFilter());
        /*加入自定义过滤器*/
        shiroFilterFactoryBean.setFilters(filters);

        //配置系统的受限资源 和系统的公共资源
        Map<String,String> map = new LinkedHashMap<>();
        //map.put("/**","authc");//authc表示请求需要认证和授权
        map.put("/system/login","anon");//anon表示不拦截
        map.put("/system/register","anon");
        map.put("/system/getCaptcha","anon");
        map.put("/system/logout","anon");
        map.put("/doc.html","anon");
        map.put("/swagger-ui.html/**","anon");
        map.put("/swagger/**","anon");
        map.put("/config/swagger.html/**","anon");
        map.put("/v3/**","anon");
        map.put("/swagger-resources/**","anon");
        map.put("/webjars/**","anon");
        map.put("/configuration/**","anon");

        /*自定义过滤器这句不设置的话没带session的请求全拦截了,前后端分离必须的,并且加上自定义filter的bean name*/
        map.put("/**","noSessionCreation,jwtFilter");


        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);

        //拦截跳转登录的url,不配置默认是/login
        shiroFilterFactoryBean.setLoginUrl("/system/preLogin");

        //设置注销


        return shiroFilterFactoryBean;
    }

    //2.创建安全管理器
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("jwtRealm") Realm realm){

        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();

        //给安全管理设置realm
        defaultWebSecurityManager.setRealm(realm);

        return defaultWebSecurityManager;
    }

    //shiro注解
   /* @Bean
    public static DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator(){
        return new DefaultAdvisorAutoProxyCreator();
    }

    @Bean(name = "lifecycleBeanPostProcessor")
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }*/

    @Bean("jwtRealm")
    public Realm getRealm(){
        return new JwtRealm();
    }

}
